package com.ssii.www.myproject.shiro.realms;

import lombok.NoArgsConstructor;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.util.StringUtils;
import org.mindrot.jbcrypt.BCrypt;
@NoArgsConstructor
public class MyMatcher extends HashedCredentialsMatcher {


  public MyMatcher(String hashAlgorithmName) {
    super();
    if (!StringUtils.hasText(hashAlgorithmName)) {
      throw new IllegalArgumentException("hashAlgorithmName cannot be null or empty.");
    } else {
      setHashAlgorithmName(hashAlgorithmName);
    }
  }

  public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
    UsernamePasswordToken userToken = (UsernamePasswordToken) token;
    //要验证的明文密码
    String plaintext = new String(userToken.getPassword());
    //数据库中的加密后的密文
    String hashed = info.getCredentials().toString();

    return BCrypt.checkpw(plaintext, hashed);

  }
}
